idnits 2.17.1 draft-ietf-dhc-dhcpv6-stateless-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (January 13, 2004) is 7408 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3315 (ref. '1') (Obsoleted by RFC 8415) ** Obsolete normative reference: RFC 2460 (ref. '2') (Obsoleted by RFC 8200) -- Obsolete informational reference (is this intentional?): RFC 2461 (ref. '4') (Obsoleted by RFC 4861) -- Obsolete informational reference (is this intentional?): RFC 2462 (ref. '6') (Obsoleted by RFC 4862) == Outdated reference: A later version (-18) exists of draft-ietf-dhc-dna-ipv4-04 Summary: 4 errors (**), 0 flaws (~~), 3 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group R. Droms 2 Internet-Draft Cisco Systems 3 Expires: July 13, 2004 January 13, 2004 5 Stateless DHCP Service for IPv6 6 draft-ietf-dhc-dhcpv6-stateless-04.txt 8 Status of this Memo 10 This document is an Internet-Draft and is in full conformance with 11 all provisions of Section 10 of RFC2026. 13 Internet-Drafts are working documents of the Internet Engineering 14 Task Force (IETF), its areas, and its working groups. Note that other 15 groups may also distribute working documents as Internet-Drafts. 17 Internet-Drafts are draft documents valid for a maximum of six months 18 and may be updated, replaced, or obsoleted by other documents at any 19 time. It is inappropriate to use Internet-Drafts as reference 20 material or to cite them other than as "work in progress." 22 The list of current Internet-Drafts can be accessed at http:// 23 www.ietf.org/ietf/1id-abstracts.txt. 25 The list of Internet-Draft Shadow Directories can be accessed at 26 http://www.ietf.org/shadow.html. 28 This Internet-Draft will expire on July 13, 2004. 30 Copyright Notice 32 Copyright (C) The Internet Society (2004). All Rights Reserved. 34 Abstract 36 Stateless DHCP service for IPv6 (DHCPv6) is used by nodes to obtain 37 configuration information such as the addresses of DNS recursive name 38 servers that does not require the maintenance of any dynamic state 39 for individual clients. A node that uses stateless DHCP must have 40 obtained its IPv6 addresses through some other mechanism, typically 41 stateless address autoconfiguration. This document explains which 42 parts of RFC3315 must be implemented in each of the different kinds 43 of DHCP agents so that that agent can support stateless DHCP. 45 1. Introduction 47 Nodes that have obtained IPv6 addresses through some other mechanism 48 such as stateless address autoconfiguration [6] or manual 49 configuration can use stateless DHCP to obtain other configuration 50 information such as a list of DNS recursive name servers or SIP 51 servers. A stateless DHCP server provides only configuration 52 information to nodes and does not perform any address assignment. 53 Such a server is called "stateless" because it need not maintain any 54 dynamic state for individual clients. 56 While the DHCP specification [1] defines more than 10 protocol 57 messages and 20 options, only a subset of those messages and options 58 are required for stateless DHCP service. This document explains which 59 messages and options defined in RFC 3315 are required for stateless 60 DHCP service. The intended use of the document is to guide the 61 interoperable implementation of clients and servers that use 62 stateless DHCP service. 64 The operation of relay agents is the same for stateless and stateful 65 DHCP service. The operation of relay agents is described in the DHCP 66 specification. 68 Section 4 of this document lists the sections of the DHCP document 69 that an implementor should read for an overview of the DHCP 70 specification and the basic requirements of a DHCP service. Section 5 71 lists the specific messages and options that are specifically 72 required for stateless DHCP service. Section 6 describes how 73 stateless and stateful DHCP servers interact to provide service to 74 clients that require address assignment and clients that require only 75 stateless service. 77 2. Terminology 79 Throughout this document, "DHCP" refers to DHCP for IPv6. 81 This document uses the terminology defined in RFC2460 [2], the DHCP 82 specification [1] and the DHCP DNS configuration options 83 specification [3]. 85 "Stateless DHCP" refers to the use of DHCP to provide configuration 86 information to clients that does not require the server to maintain 87 dynamic state about the DHCP clients. 89 3. Overview 91 This document assumes that a node using stateless DHCP configuration 92 is not using DHCP for address assignment, and that a node has 93 determined at least a link-local address as described in section 5.3 94 of RFC2461 [4]. 96 To obtain configuration parameters through stateless DHCP, a node 97 uses the DHCP Information-request message. DHCP servers respond to 98 the node's message with a Reply message that carries configuration 99 parameters for the node. The Reply message from the server can carry 100 configuration information such as a list of DNS recursive name 101 servers [3] and SIP servers [5]. 103 This document does not apply to the function of DHCP relay agents as 104 described in RFC 3315. A network element can provide both DHCP server 105 and DHCP relay service. For example, a network element can provide 106 stateless DHCP service to hosts requesting stateless DHCP service, 107 while relaying messages from hosts requesting address assignment 108 through DHCP to another DHCP server. 110 4. Basic Requirements for Implementation of DHCP 112 Several sections of the DHCP specification provide background 113 information or define parts of the specification that are common to 114 all implementations: 116 1-4: give an introduction to DHCP and an overview of DHCP message 117 flows 119 5: defines constants used throughout the protocol specification 121 6, 7: illustrates the format of DHCP messages 123 8: describes the representation of Domain Names 125 9: defines the "DHCP unique identifier" (DUID) 127 13-16: describe DHCP message transmission, retransmission and 128 validation 130 21: describes authentication for DHCP 132 5. Implementation of Stateless DHCP 134 The client indicates that it is requesting configuration information 135 by sending an Information-request message that includes an Option 136 Request option specifying the options that it wishes to receive from 137 the DHCP server. For example, if the client is attempting to obtain 138 a list of DNS recursive name servers, it identifies the DNS Recursive 139 Name Server option in the Information-request message. The server 140 determines the appropriate configuration parameters for the client 141 based on its configuration policies and responds with a Reply message 142 containing the requested parameters. In this example, the server 143 would respond with DNS configuration parameters. 145 As described in section 18.1.5 of RFC 3315, a node may include a 146 Client Identifier option in the Information-request message to 147 identify itself to a server, because the server administrator may 148 want to customize the server's response to each node, based on the 149 node's identity. 151 RFC 3315 does not define any mechanisms through which the time at 152 which a host uses an Information-request message to obtain updated 153 configuration parameters can be controlled. The dhc WG has 154 undertaken the development of such a mechanism or mechanisms which 155 will be published as Standards-track RFC(s). 157 RFC 3315 also does not provide any guidance about when a host might 158 use an Information-request message to obtain updated configuration 159 parameters when the host has moved to a new link. The dhc WG is 160 reviewing a related document, "Detection of Network Attachment (DNA) 161 in IPv4" [8], which describes how a host using IPv4 can determine 162 when to use DHCPv4. Either the dhc WG or a WG formed from the dna 163 BOF will undertake development of a similar document for IPv6. 165 5.1 Messages Required for Stateless DHCP Service 167 Clients and servers implement the following messages for stateless 168 DHCP service; the section numbers in this list refer to the DHCP 169 specification: 171 Information-request: sent by a DHCP client to a server to request 172 configuration parameters (sections 18.1.5 and 18.2.5) 174 Reply: sent by a DHCP server to a client containing 175 configuration parameters (sections 18.2.6 and 18.2.8) 177 In addition, servers and relay agents implement the following 178 messages for stateless DHCP service; the section numbers in this list 179 refer to the DHCP specification: 181 Relay-forward: Sent by a DHCP relay agent to carry the client message 182 to a server (section 15.13) 184 Relay-reply: Sent by a DHCP server to carry a response message to 185 the relay agent (section 15.14) 187 5.2 Options Required for Stateless DHCP Service 189 Clients and servers implement the following options for stateless 190 DHCP service; the section numbers in this list refer to the DHCP 191 specification: 193 Option Request: specifies the configuration information that the 194 client is requesting from the server (section 22.7) 196 Status Code: used to indicate completion status or other status 197 information (section 22.13) 199 Server Identifier: used to identify the server responding to a client 200 request (section 22.3) 202 Servers and relay agents implement the following options for 203 stateless DHCP service; the section numbers in this list refer to the 204 DHCP specification: 206 Client message: Sent by a DHCP relay agent in a Relay-forward message 207 to carry the client message to a server (section 20) 209 Server message: Sent by a DHCP server in a Relay-reply message to 210 carry a response message to the relay agent (section 20) 212 Interface-ID: Sent by the DHCP relay agent and returned by the 213 server to identify the interface to use to forward a message to 214 the client (section 22.18) 216 5.3 Options Used for Configuration Information 218 Clients and servers use the following options to pass configuration 219 information to clients; note that other options for configuration 220 information may be specified in future Internet Standards: 222 DNS Recursive Name Servers: specifies the DNS recursive name servers 223 [7] the client uses for name resolution; see "DNS Configuration 224 options for DHCPv6" [3] 226 DNS search list: specifies the domain names to be searched 227 during name resolution; see "DNS Configuration options for DHCPv6" 228 [3] 230 SIP Servers: specifies the SIP servers the client uses 231 to obtain a list of domain names of IPv6 addresses that can be 232 mapped to one or more SIP outbound proxy servers [5] 234 5.4 Other Options Used in Stateless DHCP 236 Clients and servers may implement the following options for stateless 237 DHCP service; the section numbers in this list refer to the DHCP 238 specification: 240 Preference: Sent by a DHCP server to indicate the preference 241 level for the server (section 22.8) 243 Elapsed time: Sent by a DHCP client to indicate the time since the 244 client began the DHCP configuration process (section 22.9) 246 User Class: Sent by a DHCP client to give additional information 247 to the server for selecting configuration parameters for the 248 client (section 22.15) 250 Vendor Class: Sent by a DHCP client to give additional information 251 about the client vendor and hardware to the server for selecting 252 configuration parameters for the client (section 22.16) 254 Vendor-specific Information: Used to pass information to clients in 255 options defined by vendors (section 22.17) 257 Client Identifier: Sent by a DHCP client to identify itself (section 258 22.2). Clients are not required to send this option; servers send 259 the option back if included in a message from a client 261 Authentication: Used to provide authentication of DHCP messages 262 (section 21) 264 6. Interaction with DHCP for Address Assignment 266 In some networks, there may be both clients that are using stateless 267 address autoconfiguration and DHCP for DNS configuration and clients 268 that are using DHCP for stateful address configuration. Depending on 269 the deployment and configuration of relay agents, DHCP servers that 270 are intended only for stateless configuration may receive messages 271 from clients that are performing stateful address configuration. 273 A DHCP server that is only able to provide stateless configuration 274 information through an Information-request/Reply message exchange 275 discards any other DHCP messages it receives. Specifically, the 276 server discards any messages other than Information-Request or 277 Relay-forward it receives, and the server does not participate in any 278 stateful address configuration messages exchanges. If there are 279 other DHCP servers that are configured to provide stateful address 280 assignment, one of those servers will provide the address assignment. 282 7. Security Considerations 284 Stateless DHCP service is a proper subset of the DHCP service 285 described in the DHCP specification, RFC 3315. Therefore, stateless 286 DHCP service introduces no additional security considerations beyond 287 those discussed in sections 21, 22.11 and 23 of the DHCP 288 specification. 290 Configuration information provided to a node through stateless DHCP 291 service may be used to mount spoofing, man-in-the-middle, 292 denial-of-service and other attacks. These attacks are described in 293 more detail in the specifications for each of the options that carry 294 configuration information. Authenticated DHCP, as described in 295 sections 21 and 22.11 of the DHCP specification, can be used to avoid 296 attacks mounted through the stateless DHCP service. 298 8. Acknowledgments 300 Jim Bound, Ted Lemon and Bernie Volz reviewed this document and 301 contributed editorial suggestions. Thanks to Peter Barany, Tim 302 Chown, Christian Huitema, Tatuya Jinmei, Pekka Savola and Juha 303 Wiljakka for their review and comments. 305 Normative References 307 [1] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C. and M. 308 Carney, "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)", 309 RFC 3315, July 2003. 311 [2] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) 312 Specification", RFC 2460, December 1998. 314 Informative References 316 [3] Droms, R., "DNS Configuration options for Dynamic Host 317 Configuration Protocol for IPv6 (DHCPv6)", RFC 3646, December 318 2003. 320 [4] Narten, T., Nordmark, E. and W. Simpson, "Neighbor Discovery for 321 IP Version 6 (IPv6)", RFC 2461, December 1998. 323 [5] Schulzrinne, H. and B. Volz, "Dynamic Host Configuration 324 Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) 325 Servers", RFC 3319, July 2003. 327 [6] Thomson, S. and T. Narten, "IPv6 Stateless Address 328 Autoconfiguration", RFC 2462, December 1998. 330 [7] Mockapetris, P., "Domain names - concepts and facilities", STD 331 13, RFC 1034, November 1987. 333 [8] Aboba, B., "Detection of Network Attachment (DNA) in IPv4", 334 draft-ietf-dhc-dna-ipv4-04 (work in progress), October 2003. 336 Author's Address 338 Ralph Droms 339 Cisco Systems 340 1414 Massachusetts Avenue 341 Boxborough, MA 01719 342 USA 344 Phone: +1 978 497 4733 345 EMail: rdroms@cisco.com 347 Intellectual Property Statement 349 The IETF takes no position regarding the validity or scope of any 350 intellectual property or other rights that might be claimed to 351 pertain to the implementation or use of the technology described in 352 this document or the extent to which any license under such rights 353 might or might not be available; neither does it represent that it 354 has made any effort to identify any such rights. Information on the 355 IETF's procedures with respect to rights in standards-track and 356 standards-related documentation can be found in BCP-11. Copies of 357 claims of rights made available for publication and any assurances of 358 licenses to be made available, or the result of an attempt made to 359 obtain a general license or permission for the use of such 360 proprietary rights by implementors or users of this specification can 361 be obtained from the IETF Secretariat. 363 The IETF invites any interested party to bring to its attention any 364 copyrights, patents or patent applications, or other proprietary 365 rights which may cover technology that may be required to practice 366 this standard. Please address the information to the IETF Executive 367 Director. 369 Full Copyright Statement 371 Copyright (C) The Internet Society (2004). All Rights Reserved. 373 This document and translations of it may be copied and furnished to 374 others, and derivative works that comment on or otherwise explain it 375 or assist in its implementation may be prepared, copied, published 376 and distributed, in whole or in part, without restriction of any 377 kind, provided that the above copyright notice and this paragraph are 378 included on all such copies and derivative works. However, this 379 document itself may not be modified in any way, such as by removing 380 the copyright notice or references to the Internet Society or other 381 Internet organizations, except as needed for the purpose of 382 developing Internet standards in which case the procedures for 383 copyrights defined in the Internet Standards process must be 384 followed, or as required to translate it into languages other than 385 English. 387 The limited permissions granted above are perpetual and will not be 388 revoked by the Internet Society or its successors or assignees. 390 This document and the information contained herein is provided on an 391 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 392 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 393 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 394 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 395 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 397 Acknowledgment 399 Funding for the RFC Editor function is currently provided by the 400 Internet Society.